This season - each season starting in Fall of one year and lasting until Spring of the following year - we are seeing a hijack complement which appears to be devious in both marketing and installation technique, and which requires a complex search of the affected blogs. If you are receiving reports from your readers

Your blog starts to load - but is quickly replaced by a page full of advertisements!

you may need to exhaustively examine your blog for any third party code - and as always, the problem code may have been installed at any time in the past. When discovered, the hijacks are not consistently found in recently installed code.
The blog hijacks, being examined during this holiday season - appear to be deviously planned and marketed.

The hijacks use a variety of host accessories and gadgets.

The hijacks use a variety of distribution libraries.

The hijacks are being marketed to a diverse audience, which causes different installation techniques - and necessitates the complex search of affected blogs.

To find and remove a hijack from an affected blog, you'll need to start by viewing the blog in question, using a text only browser, or proxy service. I, personally, use several products.

hpHosts vURL is a text only browser, that runs as a stand alone application locally on your computer.

Notepad-Plus-Plus is an offline text editor, which provides a variety of search tools for text files. You can sometimes avoid use of your browser completely, by copying page source code directly from vURL.

Load the blog, in question, in the text browser / proxy display of your choice.

Do a simple text search for the identified host / target name in the URL, such as "adiwidget", "pagesinxt", or "ripway".

You'll see several different possibilities.

The search may reveal the hijacking code in an HTML gadget. You can use the "Pages Elements" / Design tab (Classic GUI), or the "Layout" wizard (New GUI), and remove the offending gadget.

The search may reveal the hijacking code in the template HTML. You'll have to use the Template Editor, and remove the offending lines of code.

The search may not find any identified host name, in a text search. You'll have to do an extensive text search, looking for unknown HTML / JavaScript gadgets / snippets of code, and evaluate each gadget / snippet, on the fly.